public override async Task <ClaimsPrincipal> CreateAsync(TUser user) { if (user == null) { throw new ArgumentNullException("user"); } var userId = await UserManager.GetUserIdAsync(user); var userName = await UserManager.GetUserNameAsync(user); var profile = _userProfileService.GetProfileByUserId(userId); var id = new ClaimsIdentity( options.Cookies.ApplicationCookie.AuthenticationScheme, Options.ClaimsIdentity.UserNameClaimType, Options.ClaimsIdentity.RoleClaimType ); id.AddClaim(new Claim(Options.ClaimsIdentity.UserIdClaimType, userId)); id.AddClaim(new Claim(Options.ClaimsIdentity.UserNameClaimType, userName)); if (UserManager.SupportsUserSecurityStamp) { id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType, await UserManager.GetSecurityStampAsync(user))); } if (UserManager.SupportsUserRole) { var roles = await _claimsRepository.GetRolesAsync(user); // UserManager.GetRolesAsync(user); foreach (var roleName in roles) { id.AddClaim(new Claim(Options.ClaimsIdentity.RoleClaimType, roleName)); } } ClaimsPrincipal principal = new ClaimsPrincipal(id); if (principal.Identity is ClaimsIdentity) { ClaimsIdentity identity = (ClaimsIdentity)principal.Identity; if (profile != null) { Claim displayNameClaim = new Claim("DisplayName", profile.FullName.AsFirstNameLastName); if (!identity.HasClaim(displayNameClaim.Type, displayNameClaim.Value)) { identity.AddClaim(displayNameClaim); } } Claim emailClaim = new Claim(ClaimTypes.Email, user.Email); if (!identity.HasClaim(emailClaim.Type, emailClaim.Value)) { identity.AddClaim(emailClaim); } if (_usersService.IsUserInRole(user.Id, _usersService.AdminRoleId)) { ClaimsLogic.AddSystemAdminClaims(id, userName, user.Id, "System Admin"); } else if (_usersService.IsUserInRole(user.Id, _usersService.AffiliateRoleId)) { ClaimsLogic.AddAffiliteClaims(id, userName, user.Id, profile.FullName.AsFirstNameLastName); } else { var department = _departmentsService.GetDepartmentForUser(userName); if (department == null) { return(null); } var group = _departmentGroupsService.GetGroupForUser(user.Id, department.DepartmentId); var departmentAdmin = department.IsUserAnAdmin(user.Id); var permissions = _permissionsService.GetAllPermissionsForDepartment(department.DepartmentId); var roles = _personnelRolesService.GetRolesForUser(user.Id, department.DepartmentId); ClaimsLogic.AddDepartmentClaim(id, department.DepartmentId, departmentAdmin); //ClaimsLogic.DepartmentName = department.Name; DateTime signupDate; if (department.CreatedOn.HasValue) { signupDate = department.CreatedOn.Value; } else { signupDate = DateTime.UtcNow; } //ClaimsLogic.DepartmentId = department.DepartmentId; var name = user.UserName; if (profile != null && !String.IsNullOrWhiteSpace(profile.LastName)) { name = profile.FullName.AsFirstNameLastName; } ClaimsLogic.AddGeneralClaims(id, userName, user.Id, name, department.DepartmentId, department.Name, user.Email, signupDate); bool isGroupAdmin = false; if (group != null) { isGroupAdmin = group.IsUserGroupAdmin(user.Id); } if (departmentAdmin) { var groups = _departmentGroupsService.GetAllGroupsForDepartment(department.DepartmentId); if (groups != null) { foreach (var departmentGroup in groups) { ClaimsLogic.AddGroupClaim(id, departmentGroup.DepartmentGroupId, true); } } } else { if (group != null) { ClaimsLogic.AddGroupClaim(id, group.DepartmentGroupId, isGroupAdmin); } } ClaimsLogic.AddCallClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddActionClaims(id); ClaimsLogic.AddLogClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddStaffingClaims(id); ClaimsLogic.AddPersonnelClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddUnitClaims(id, departmentAdmin); ClaimsLogic.AddUnitLogClaims(id); ClaimsLogic.AddMessageClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddRoleClaims(id, departmentAdmin); ClaimsLogic.AddProfileClaims(id); ClaimsLogic.AddReportsClaims(id); ClaimsLogic.AddGenericGroupClaims(id, departmentAdmin); ClaimsLogic.AddDocumentsClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddNotesClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddScheduleClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddShiftClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddTrainingClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddPIIClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddInventoryClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddConnectClaims(id, departmentAdmin); ClaimsLogic.AddCommandClaims(id, departmentAdmin); ClaimsLogic.AddProtocolClaims(id, departmentAdmin); } } return(principal); }